Closed sherlock-admin closed 9 months ago
s1ce
medium
Even if the contract is paused, the next round can be opened.
In _startRound:
_startRound
if ( !paused() && _shouldDrawWinner(numberOfParticipants, round.maximumNumberOfParticipants, round.deposits.length) ) { // @audit: this if statement seems wrong? _drawWinner(round, roundId); } else { uint40 _roundDuration = roundDuration; // This is equivalent to // round.status = RoundStatus.Open; // if (round.numberOfParticipants > 0) { // round.cutoffTime = uint40(block.timestamp) + _roundDuration; // } // @audit: does this code constantly increase the cutoff time? uint256 roundSlot = _getRoundSlot(roundId); assembly { // RoundStatus.Open is equal to 1. let roundValue := or(sload(roundSlot), 1) if gt(numberOfParticipants, 0) { roundValue := or(roundValue, shl(ROUND__CUTOFF_TIME_OFFSET, add(timestamp(), _roundDuration))) } sstore(roundSlot, roundValue) } emit RoundStatusUpdated(roundId, RoundStatus.Open); }
So if contract is paused we will still open the next round, which is not in the spirit of pausing.
Next round will be opened even if contract is paused
https://github.com/sherlock-audit/2024-01-looksrare/blob/main/contracts-yolo/contracts/YoloV2.sol#L949
Manual Review
Do not open next round if contract is paused
Duplicate of #100
s1ce
medium
Round can be opened even if the contract is paused
Summary
Even if the contract is paused, the next round can be opened.
Vulnerability Detail
In
_startRound:So if contract is paused we will still open the next round, which is not in the spirit of pausing.
Impact
Next round will be opened even if contract is paused
Code Snippet
https://github.com/sherlock-audit/2024-01-looksrare/blob/main/contracts-yolo/contracts/YoloV2.sol#L949
Tool used
Manual Review
Recommendation
Do not open next round if contract is paused
Duplicate of #100